Between February 21 and February 28, 2026, an autonomous bot named hackerbot-claw launched a week-long attack campaign against major open source repositories. It targeted GitHub Actions CI/CD pipelines belonging to Microsoft, DataDog, the Cloud Native Computing Foundation, and several other…
Category: Cyber Security News
New Claude Memory Feature Allows Users to Transfer Data from ChatGPT and Other AI Providers
Anthropic has introduced a new memory import tool for Claude that allows users to seamlessly transfer their stored preferences, habits, and context from other AI platforms, including ChatGPT, Google Gemini, and Microsoft Copilot, directly into Claude’s memory system, eliminating the…
Threat Actors Deploy ‘AuraStealer’ Infostealer with 48 C2 Domains and Active Campaigns
A new information-stealing malware called AuraStealer has been making its presence felt across the cybersecurity landscape since mid-2025. Developed and actively maintained by a group of Russian-speaking individuals, the malware first appeared on underground hacker forums in July 2025, shortly…
Android Security Update – Patch for 129 Vulnerabilities and Actively Exploited Zero-Day
Google has released its highly anticipated March 2026 Android Security Bulletin, delivering critical fixes for 129 security vulnerabilities across the Android ecosystem. This massive update represents one of the highest numbers of patches issued in a single month in recent…
Hackers Leveraged CyberStrikeAI Tool to Breach Fortinet FortiGate Devices
A new artificial intelligence (AI) offensive security tool called CyberStrikeAI is being actively leveraged by threat actors to target edge devices, particularly Fortinet FortiGate appliances. This open-source platform, developed by a China-based individual with potential ties to state-sponsored operations,…
Threat Actors Exploit OpenVSX Aqua Trivy with Malicious AI Prompts to Hijack Local Coding Tools
A supply chain attack targeting developers surfaced on March 2, 2026, when unauthorized code was found inside two versions of the Aqua Trivy VS Code extension on the OpenVSX registry. The compromised versions — 1.8.12 and 1.8.13 — were uploaded…
Chrome Gemini Vulnerability Lets Attackers Access Victims’ Camera and Microphone Remotely
A high-severity security vulnerability has been discovered in Google Chrome’s integrated Gemini AI assistant, exposing users to unauthorized camera and microphone access, local file theft, and phishing attacks, all without requiring any user interaction beyond launching the browser’s built-in AI…
Claude AI Suffers Global Outage: Elevated Errors Disrupt Web Interface and APIs
On March 2, 2026, Anthropic’s artificial intelligence assistant, Claude, experienced a significant global outage that disrupted workflows for users and developers worldwide. Organizations relying on the AI model for daily threat intelligence reporting, code generation, and automated security analysis faced…
MSHTML Framework 0-Day Exploited by APT28 Hackers Before Feb 2026’s Patch Tuesday Update
A zero-day vulnerability in the Microsoft HTML (MSHTML) framework was actively exploited in the wild. The vulnerability, tracked as CVE-2026-21513, allows attackers to bypass security features and execute arbitrary files. With a CVSS score of 8.8, it impacts all Windows…
DuckDuckGo Browser UXSS Flaw in Auto Consent JS Bridge Enables Cross-Origin Code Execution
A critical Universal Cross-Site Scripting (UXSS) vulnerability was recently discovered in the DuckDuckGo Android browser. This flaw, tracked with a high-severity CVSS score of 8.6, allowed untrusted, cross-origin iframes to execute arbitrary JavaScript in the top-level origin. The vulnerability was…
PoC Exploit Released for Windows Error Reporting ALPC Privilege Escalation
A critical local privilege escalation (LPE) vulnerability affecting Microsoft Windows has recently come to light following the public release of a Proof-of-Concept (PoC) exploit. Tracked as CVE-2026-20817, this security flaw resides within the Windows Error Reporting (WER) service. The vulnerability…
OCRFix Botnet Trojan Leveraging ClickFix Phishing and EtherHiding to Conceal Blockchain-Based Command Infrastructure
A newly identified botnet trojan campaign, dubbed OCRFix, has been discovered combining social engineering tricks with blockchain-based command infrastructure to quietly build a network of compromised machines. The campaign blends the well-known ClickFix phishing technique with EtherHiding — a method…
Hackers Attacking SonicWall Firewalls from 4,000+ Unique IP Addresses to Exploit Vulnerabilities
A large-scale reconnaissance campaign is actively targeting SonicWall firewalls across the internet, with attackers using more than 4,000 unique IP addresses to map vulnerable devices before launching exploitation attempts. Between February 22 and February 25, 2026, threat actors generated 84,142…
CISA Warns of RESURGE Malware Exploiting 0-Days to Breach Ivanti Connect Secure Devices
A newly discovered malware variant named RESURGE is actively targeting Ivanti Connect Secure devices by exploiting a critical zero-day vulnerability, prompting the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to issue a formal warning. The malware is built to survive…
Tire Pressure Systems in Toyota, Mercedes, and Other Major Car Brands Enable Silent Vehicle Tracking
Tire Pressure Monitoring Systems (TPMS) in vehicles from Toyota, Renault, Hyundai, and Mercedes broadcast unencrypted tire data, enabling low-cost passive tracking of cars and drivers. Researchers from IMDEA Networks and partners have revealed that a 10-week study captured over 6…
Angular SSR Request Vulnerability Allows Attackers to Trick Applications into Sending Unauthorized Requests
A critical vulnerability has been discovered in Angular Server-Side Rendering (SSR) that could allow attackers to trick applications into sending unauthorized requests. Tracked as CVE-2026-27739, this Server-Side Request Forgery (SSRF) flaw poses a severe risk to web applications using affected…
US Military Reportedly Used Claude in Iran Strikes Despite Trump’s Ban
The U.S. Department of Defense deployed Anthropic’s Claude AI during Operation Epic Fury, a joint offensive with Israel against Iran on February 28, just hours after President Trump designated Anthropic as a national security “supply chain risk” and ordered all…
Pixel Perfect Extension Abuse Enables Covert Script Injection and Security Header Removal
A browser extension that once earned a Featured badge from Google quietly turned into a remote code execution tool after its ownership changed hands, exposing thousands of users to covert script injection and full browser security header stripping. The campaign,…
Hacked Prayer App Used as Cyber Weapon During US-Israel Strikes on Iran
As Israeli and US forces launched joint preemptive airstrikes on Tehran, a sophisticated cyber-psychological operation unfolded simultaneously. According to a report by Wired Middle East, millions of Iranian citizens and military personnel were jolted awake not only by explosions but…
AWS Power Outage in Middle East Triggers Major Disruption to EC2 and Networking Services
A major power outage in the AWS me-central-1 (Middle East) region on March 1, 2026, resulted from an unusual physical incident where external objects struck a data center, triggering sparks and a fire. The event caused significant disruptions to Amazon…